conpot by mushorg

ICS/SCADA honeypot

updated at Nov. 15, 2024, 6:03 a.m.

96 +0

1,242 +2

414 +0

jsunpack-n by urule99

Automatically exported from code.google.com/p/jsunpack-n

updated at Nov. 15, 2024, 7:31 a.m.

16 +0

162 +1

65 +0

box-js by CapacitorSet

A tool for studying JavaScript malware.

updated at Nov. 15, 2024, 9:03 a.m.

39 +0

617 -1

84 +0

DECAF by decaf-project

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.

updated at Nov. 15, 2024, 9:34 a.m.

61 +0

805 +2

168 +0

hashdeep by jessek

None

updated at Nov. 15, 2024, 10:07 a.m.

60 +0

709 +3

132 +0

pharos by cmu-sei

Automated static analysis tools for binary programs

updated at Nov. 15, 2024, 12:43 p.m.

78 +0

1,557 +1

191 +1

HashCheck by gurnec

HashCheck Shell Extension for Windows with added SHA2, SHA3, and multithreading; originally from code.kliu.org

updated at Nov. 15, 2024, 2:18 p.m.

71 +0

1,761 +0

194 +0

yeti by yeti-platform

Your Everyday Threat Intelligence

updated at Nov. 15, 2024, 2:42 p.m.

102 +0

1,745 +4

288 +1

malice by maliceio

VirusTotal Wanna Be - Now with 100% more Hipster

updated at Nov. 15, 2024, 2:51 p.m.

96 +0

1,654 +5

266 +0

flare-fakenet-ng by mandiant

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

updated at Nov. 15, 2024, 3:04 p.m.

113 +1

1,803 +4

361 +0

rules by Yara-Rules

Repository of yara rules

updated at Nov. 15, 2024, 4:34 p.m.

351 +1

4,178 +7

1,008 +2

ngrep by jpr5

ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

updated at Nov. 15, 2024, 10:57 p.m.

23 +0

902 +2

101 +0

bap by BinaryAnalysisPlatform

Binary Analysis Platform

updated at Nov. 16, 2024, 12:13 a.m.

93 +0

2,068 +0

273 +0

binnavi by google

BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

updated at Nov. 16, 2024, 1:38 a.m.

220 +0

2,874 +2

453 +0

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

updated at Nov. 16, 2024, 2:16 a.m.

184 +0

3,402 +7

583 +0

PcapViz by mateuszk87

Visualize network topologies and collect graph statistics based on pcap files

updated at Nov. 16, 2024, 2:26 a.m.

27 +0

342 +1

60 +0

fibratus by rabbitstack

Adversary tradecraft detection, protection, and hunting

updated at Nov. 16, 2024, 6:59 a.m.

70 +0

2,210 +0

190 +0

CapTipper by omriher

Malicious HTTP traffic explorer

updated at Nov. 16, 2024, 7:02 a.m.

63 +0

711 +1

159 +0

inVtero.net by ShaneK2

inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques

updated at Nov. 16, 2024, 7:14 a.m.

30 +0

279 +1

57 +0

orochi by LDO-CERT

The Volatility Collaborative GUI

updated at Nov. 16, 2024, 7:18 a.m.

11 +0

225 +2

19 +0